<?php
require_once('mysql_connect.php');
if ($_SESSION['admin'] == 1){
}else{
	header("Location:login.php");
	exit();
}

$loc ="admin";
if(isset($_POST['id'])){
$getid = $_POST['id'];
}
if(isset($_GET['id'])){
$getid = $_GET['id'];
}

if(isset($_GET['checkin'])){
	$query = "DELETE FROM checkout WHERE id=" . $_GET['checkin'];
	$result = mysql_query($query);
}
if(isset($_GET['bug'])){
	$query = "SELECT * FROM checkout WHERE id=" . $_GET['bug'];
	$result = mysql_query($query);
	$row = mysql_fetch_array($result);
	$moviequery = "SELECT * FROM movie WHERE id=" . $row['movieid'];
	$movieresult = mysql_query($moviequery);
	$movierow = mysql_fetch_array($movieresult);
	$usersquery = "SELECT * FROM users WHERE id=" . $row['usersid'];
	$usersresult = mysql_query($usersquery);
	$usersrow = mysql_fetch_array($usersresult);
	mail(unescape_data($usersrow['email']), unescape_data($movierow['name']), "You haven't returned the above movie and we are wondering why?  Please return this movie immediately.  \nThank you!\n\n******************\nThis message came from the Quon DVD database.  For more information go to http://www.wbpsystems.com", 'From: '. $_SERVER['SERVER_NAME']);
}
if(isset($_POST['check'])){
	$query = "DELETE FROM checkout WHERE movieid=" . $_POST['check'];
	$result = mysql_query($query);
}


$pullquery = "SELECT * FROM checkout";
$pullresult = mysql_query($pullquery);
include('top.php');
?>
<TABLE><TR><TD>
<FORM ACTION="checkin.php" method="post">
<BR><FONT FACE="Verdana" size=-1 color=000000>id number: </FONT><INPUT TYPE="text" name="check" id="check" value="<?php echo $getid;?>"><INPUT TYPE="submit" name="submit" id="submit" value="check-in">
</FORM>
<BR><HR width="100%">
<?php
while($pullrow = mysql_fetch_array($pullresult)){
	$moviequery = "SELECT * FROM movie WHERE id=" . $pullrow['movieid'];
	$movieresult = mysql_query($moviequery);
	$usersquery = "SELECT * FROM users WHERE id=" . $pullrow['usersid'];
	$usersresult = mysql_query($usersquery);
	$usersrow = mysql_fetch_array($usersresult);
	while($movierow = mysql_fetch_array($movieresult)){
?>
	<BR><FONT FACE="Verdana" size=-1 color=000000><?php echo unescape_data($movierow['name']);?>  -- <?php echo unescape_data($usersrow['email']);?> (<A HREF="checkin.php?checkin=<?php echo $pullrow['id'];?>"><FONT FACE="Verdana" size=-1 color=000000>check-in</FONT></A> | <A HREF="checkin.php?bug=<?php echo $pullrow['id'];?>"><FONT FACE="Verdana" size=-1 color=000000>bug</FONT></A>)</FONT>
<?php
	}
}
?>

</TD></TR></TABLE>
<?php
include('bot.php');
?>